It was bound to happen sooner or later, a way of sniffing out your login, password and other unencrypted data you send to social networks has hit the main stream. Techniques for grabbing unencrypted packets has for the most part remained underground and relatively user unfriendly but Firesheep changes that. It is an add-on for Firefox that will allow you sniff out the unencrypted packets on your local network segment and if someone logs into a site which Firesheep recognizes you will see a user picture pop up and a simple click will have you logged in as that user immediately. More at Slashdot.
… once you are done panicking you should head here for a preventative measure.
"A simple-to-use Firefox plugin presented yesterday at Toorcon in San Diego has hit the security world with the realization that squabbles about Facebook’s changing privacy settings and various privacy breaches simply miss the point. ‘When it comes to user privacy, SSL is the elephant in the room,’ said Eric Butler, the developer of the extension in question, dubbed Firesheep. By installing and running it, anyone can ‘sniff out’ the unencrypted HTTP sessions currently allowing users on that network segment to access social networks, online services and other website requiring a login, and simply hijack them and impersonate the user."
Here is some more Tech News from around the web:
- Microsoft says next version of Windows is two years away @ The Inquirer
- Music Master to offer MP3 downloads for Dhs3 @ t-break
- BlizzCon 2010 – Opening Day Coverage @ Legit Reviews
- Western Digital interview at GITEX @ t-break
- Mideast Tunes interview at GITEX @ t-break
- Symantec Interview at Gitex @ t-break
- Interview with Hercules Thrustmaster at Gitex Technology Week @ t-break
- BlizzCon 2010 – Final Day Coverage @ Legit Reviews
- Dell Streak showcased at GITEX @ t-break
- BlizzBabes – Booth Babes and Cosplay Sweethearts at BlizzCon 2010 @ Legit Reviews